Tuesday, May 17, 2011

Bouncing Through the Cloud

A Bloomberg report over the weekend cited an unnamed source as saying that Amazon cloud resources were used in the breach of the Sony Playstation Network. Specifically, Amazon's cloud infrastructure was not compromised; instead, it was used as a "relay" by the attacker to hide his/her origin.

An article on Reuters makes an (IMO) unsubstantiated claim that the attack on Sony spells doom for cloud computing.  My response is that, whether or not cloud computing had anything to do with this, Sony simply had vulnerable software and apparently had insufficient controls and management in place to detect and respond to security issues.  Poor security and controls are mostly unrelated to cloud technologies -- yes, there is a possibility of attacks on the hypervisor in shared infrastructure, among other things -- but none of the recent significant breaches has involved vulnerabilities in cloud computing.

What I see as a more significant exposure in cloud computing is the extent to which confidential data is being stored in the public or hybrid cloud and being provided via cloud-based servers to end users over the Internet without sufficient monitoring and controls in place. The glaring security deficiencies in cloud computing right now are the lack of visibility and the absence of the security functionality that we have in private data centers, including network traffic analysis, intrusion detection systems (IDS), data loss prevention (DLP) systems, and audit and logging systems.

We're working at Palisade Systems to improve the security controls available in cloud computing. Palisade has virtual DLP appliances available for VMware cloud environments, and will have more good cloud security products coming up.
